Arrests Won't Be the End for Hacking Groups

Sue Marquette Poremba

In the various stories I've read about the recent arrests of Anonymous "leaders," based on the snitching of LulzSec leader known as Sabu, one of the best lines comes from Rob Rachwald, director of security strategy for Imperva. In his blog post, Rachwald wrote:

Slide Show

Key Cyber Risk Oversight Recommendations for Boards and Senior Executives

Last Monday the New York Times had a quote from Cole Stryker, an author who has researched the Anonymous. He said, "Anonymous is a handful of geniuses surrounded by a legion of idiots." It seems the FBI is taking down the geniuses to paralyze the idiots.

Maybe that's what the FBI is trying to do, nab the brains behind the efforts and leave the followers to flounder. And even with solid leadership, the group has made its share of mistakes that have allowed individuals to be tracked down. Again from Rachwald:

Mistake #1: They brought too much attention to themselves. The LulzSec hackers were extremely unfocused in their goal and gained attention mainly due to the relative intensity of their activity and lack of other good media topics.
Mistake #2: They didn't cover up their tracks. Let's review some of the LulzSec chat logs from a few months ago. One snippet, in reference to discussions LulzSec was having with the media, shows how the hackers themselves admit they gave away too much information.

Despite the arrests and the tactical errors that helped lead to the arrests, we'd be foolish to think that this is the beginning of the end for Anonymous or its off-shoot groups. As James Ball wisely pointed out in a Guardian article, the hackers are mostly young people who are protesting about something, perhaps not so different from all of those young people involved in the various Occupy movements. As Ball said:

In the online realm, a single knowledgeable hacker engaging in civil disobedience can cause more trouble than a single protester.

And I thoroughly expect the hacking groups to continue to cause trouble and retaliate against the arrests. In fact, PC World has already announced the first act of retaliation by Anonymous. It was against 25 websites belonging to Panda Security. Private employee information was posted online and the sites were defaced with messages that condemned the company for "snitching on anonymous activists," with one message adding, "How does it feel to be spied on?"

My opinion is that while leaders will be caught - and I believe more arrests will be made as time goes on - new leadership will emerge. This would be a good time to make sure your back doors are closed and locked, so to speak. Make sure your security is up to date, vulnerabilities are patched and encryption is used regularly.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.